Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2024-55543 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169. | 7.8 | 0.16% | 2025-01-02 | 2026-06-17 |
| CVE-2024-55542 | Local privilege escalation due to excessive permissions assigned to Tray Monitor service. The following products are affected: Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39169, Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 35895. | 4.4 | 0.16% | 2025-01-02 | 2026-06-17 |
| CVE-2024-55541 | Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39169. | 6.1 | 0.28% | 2025-01-02 | 2026-06-17 |
| CVE-2024-55540 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169. | 7.8 | 0.16% | 2025-01-02 | 2026-06-17 |
| CVE-2024-55538 | Sensitive information disclosure due to missing authentication. The following products are affected: Acronis True Image (macOS) before build 41725, Acronis True Image (Windows) before build 41736, Acronis True Image OEM (macOS) before build 42571, Acronis True Image OEM (Windows) before build 42575. | 4.0 | 0.17% | 2025-01-02 | 2026-06-17 |
| CVE-2024-49385 | Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before build 41736, Acronis True Image OEM (Windows) before build 42575. | 5.5 | 0.09% | 2025-01-02 | 2026-06-17 |
| CVE-2024-55539 | Weak algorithm used to sign RPM package. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux) before build 39185, Acronis Cyber Protect 16 (Linux) before build 39938. | 2.5 | 0.11% | 2024-12-23 | 2026-06-17 |
| CVE-2024-34015 | Sensitive information disclosure during file browsing due to improper symbolic link handling. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 1.8.3.818, Acronis Backup plugin for cPanel & WHM (Linux) before build 1.9.1.892. | 3.3 | 0.20% | 2024-11-11 | 2026-06-17 |
| CVE-2024-34014 | Arbitrary file overwrite during recovery due to improper symbolic link handling. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 1.8.3.818, Acronis Backup plugin for cPanel & WHM (Linux) before build 1.9.1.892, Acronis Backup extension for Plesk (Linux) before build 1.8.6.599, Acronis Backup plugin for DirectAdmin (Linux) before build 1.2.2.181. | 5.5 | 0.20% | 2024-11-11 | 2026-06-17 |
| CVE-2024-49392 | Stored cross-site scripting (XSS) vulnerability on enrollment invitation page. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24. | 4.8 | 0.21% | 2024-10-17 | 2026-06-17 |
| CVE-2024-49391 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24. | 7.3 | 0.07% | 2024-10-17 | 2026-06-17 |
| CVE-2024-49390 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24. | 7.3 | 0.17% | 2024-10-17 | 2026-06-17 |
| CVE-2024-49389 | Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24. | 7.8 | 0.05% | 2024-10-17 | 2026-06-17 |
| CVE-2024-49386 | Sensitive information disclosure due to spell-jacking. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24. | 5.7 | 0.16% | 2024-10-17 | 2026-06-17 |
| CVE-2024-49388 | Sensitive information manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690. | 9.1 | 0.27% | 2024-10-15 | 2026-06-17 |
| CVE-2024-49387 | Cleartext transmission of sensitive information in acep-collector service. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690. | 7.5 | 0.16% | 2024-10-15 | 2026-06-17 |
| CVE-2024-49384 | Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690. | 4.3 | 0.16% | 2024-10-15 | 2026-06-17 |
| CVE-2024-49383 | Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690. | 4.3 | 0.16% | 2024-10-15 | 2026-06-17 |
| CVE-2024-49382 | Excessive attack surface in archive-server service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690. | 4.3 | 0.16% | 2024-10-15 | 2026-06-17 |
| CVE-2024-8903 | Local active protection service settings manipulation due to unnecessary privileges assignment. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows, macOS) before build 38565. | 4.7 | 0.13% | 2024-09-23 | 2026-06-17 |